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--The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
THE REPLY FILED 07 September 2007 FAILS TO PLACE THIS APPLICATION IN CONDITION FOR ALLOWANCE. 

1 . The reply was filed after a final rejection, but prior to or on the same day as filing a Notice of Appeal. To avoid abandonment of this 
application, applicant must timely file one of the following replies: (1 ) an amendment, affidavit, or other evidence, which places the 
application in condition for allowance; (2) a Notice of Appeal (with appeal fee) in compliance with 37 CFR 41 .31 ; or (3) a Request 
for Continued Examination (RCE) in compliance with 37 CFR 1.114. The reply must be filed within one of the following time 
periods: 

a) £3 The period for reply expires 3_months from the mailing date of the final rejection. 

b) O The period for reply expires on: (1) the mailing date of this Advisory Action, or (2) the date set forth in the final rejection, whichever is later. In 

no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of the final rejection. 

Examiner Note: If box 1 is checked, check either box (a) or (b). ONLY CHECK BOX (b) WHEN THE FIRST REPLY WAS FILED WITHIN TWO 

MONTHS OF THE FINAL REJECTION. See MPEP 706.07(f). 
Extensions of time may be obtained under 37 CFR 1.136(a). The date on which the petition under 37 CFR 1.136(a) and the appropriate extension fee 
have been filed is the date for purposes of determining the period of extension and the corresponding amount of the fee. The appropriate extension fee 
under 37 CFR 1 .1 7(a) is calculated from: (1) the expiration date of the shortened statutory period for reply originally set in the final Office action; or (2) as 
set forth in (b) above, if checked. Any reply received by the Office later than three months after the mailing date of the final rejection, even if timely filed, 
may reduce any earned patent term adjustment. See 37 CFR 1 .704(b). 
NOTICE OF APPEAL 

2. □ The Notice of Appeal was filed on . A brief in compliance with 37 CFR 41 .37 must be filed within two months of the date of 

filing the Notice of Appeal (37 CFR 41 .37(a)), or any extension thereof (37 CFR 41 .37(e)), to avoid dismissal of the appeal. Since a 
Notice of Appeal has been filed, any reply must be filed within the time period set forth in 37 CFR 41.37(a). 
AMENDMENTS 

3. □ The proposed amendment(s) filed after a final rejection, but prior to the date of filing a brief, will not be entered because 

They raise new issues that would require further consideration and/or search (see NOTE below); 

(b) Q They raise the issue of new matter (see NOTE below); 

(c) □ They are not deemed to place the application in better form for appeal by materially reducing or simplifying the issues for 

appeal; and/or 

(d) O They present additional claims without canceling a corresponding number of finally rejected claims. 

NOTE: . (See 37 CFR 1.116 and 41.33(a)). 

4. □ The amendments are not in compliance with 37 CFR 1.121. See attached Notice of Non-Compliant Amendment (PTOL-324). 

5. O Applicant's reply has overcome the following rejection(s): . 

6. □ Newly proposed or amended claim(s) would be allowable if submitted in a separate, timely filed amendment canceling the 

non-allowable claim(s). 

7. ^ For purposes of appeal, the proposed amendment(s): a) □ will not be entered, or b) ^ will be entered and an explanation of 

how the new or amended claims would be rejected is provided below or appended. 
The status of the claim(s) is (or will be) as follows: 

Claim(s) allowed: . 

Claim(s) objected to: . 

Claim(s) rejected: 8-1 5 . 
Claim(s) withdrawn from consideration: 1-7 . 
AFFIDAVIT OR OTHER EVIDENCE 

8. □ The affidavit or other evidence filed after a final action, but before or on the date of filing a Notice of Appeal will not be entered 

because applicant failed to provide a showing of good and sufficient reasons why the affidavit or other evidence is necessary and 
was not earlier presented. See 37 CFR 1.116(e). 

9. □ The affidavit or other evidence filed after the date of filing a Notice of Appeal, but prior to the date of filing a brief, will not be 

entered because the affidavit or other evidence failed to overcome all rejections under appeal and/or appellant fails to provide a 
showing a good and sufficient reasons why it is necessary and was not earlier presented. See 37 CFR 41 .33(d)(1 ). 

1 0. □ The affidavit or other evidence is entered. An explanation of the status of the claims after entry is below or attached. 
REQUEST FOR RECONSIDERATION/OTHER 

1 1 . The request for reconsideration has been considered but does NOT place the application in condition for allowance because: 
See Continuation Sheet. 

12. □ Note the attached Information Disclosure Statements). (PTO/SB/08) Paper No(s). 

13. □ Other: . 

/DANG T TON/ 

Supervisory Patent Examiner, Art Unit 2419 
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Continuation of 11. does NOT place the application in condition for allowance because: 
Respond to Remarks/Arguments 

Claim Rejection: Applicant's arguments filed 02/24/2009 have been fully considered but they are not persuasive. 

On claim 8, Applicants assert that Chen reference is not directed to " automation network" .This argument is not found to be persuasive, 

Chen reference (primary prior art) teaches and directed to automation network see [0002] lines 1-5). 

Also applicant assert that a LAN 101 and a LAN 1 97 in Fig. 1 of Chen neither of these include components which constitute an automation 
network. Refering back to claim8 includes process devices such as an automation device, a measurement transducer, an operating and 
monitoring device and a programming device. This argument is not found to be persuasive. Chen reference teaches components which 
constitute an automation network on both LAN 101 and a LAN 197 in Fig. 1, for LAN 101 please see PC 104 of Fig. 1 and for LAN 197 see 
hostl and host 2 of Fig. 1 . 

Further the examiner mentioned pc 104 and UNIX variant 106 as a programming device and not as a reference to the recited point to point 
connection. 

Further examiner did take in consideration that the tunnel has ' ' two end points , the first end point being in the first secure switch and the 
second end point being in the second secure switch " as disclosed by the applicants .please see the final office action page 3 , (interface 
unit 202 logically connected through a tunnel 215 in the internet to security portal 290 [0052] and Fig. 2). Interface unit 202 could be any 
switching device including ethernet, also there is a firewall in the second network and the firewall and it could be a series of machines, 
switches , routers, software, basically it can be implemented in either hardware or software or a combination of both. 
On claim 13 Applicants requested examiner to clarify how reads the follow subject matter on the prior art combination. 
"claim13, directed to a secure-switch, requires that first and second tunnel endpoints of claim 13 define a tunnel configured to securely 
transmit data via an insecure network. Furthermore, the secure channel converter is configured to allocate the tunnel to the first subscriber 
or the plurality of first subscribers using a subscriber address of the first subscriber or the plurality, of first subscribers, thereby effecting, in 
combination with the second secure switch, a point-to-point connection between at least the first subscriber and the second subscriber. The 
Examiner is reads the subject matter on the prior art combination . 

Regarding the first part " a secure-switch, requires that first and second tunnel endpoints of claim 13 define a tunnel configured to securely 
transmit data via an insecure network (Chen the primary) discloses (interface unit 202 logically connected through a tunnel 215 in the 
internet to security portal 290 [0052] and Fig. 2) , Chen dose not disclose Furthermore, the secure channel converter is configured to 
allocate the tunnel to the first subscriber or the plurality of first subscribers using a subscriber address of the first subscriber or the plurality, 
of first subscribers, thereby effecting, in combination with the second secure switch, a point-to-point . Weinstein et al (secondary 
reference) teaches the secure channel converter (Public key based secure channel establishment between the mobile subscriber and the 
access point. Each mobile subscriber has a public key in a directory maintained by the virtual operator see [0088]) 
is configured to allocate the tunnel (Once the mobile subscriber obtains the per session key, all mobile subscriber traffic is encrypted at the 
IP layer using IPSec, or at layer 2 using hardware encryption if the layer 2 protocol implementation (e.g., IEEE 802.11) at both the 
appliance and the access point supports per session keys see [0089]) 

to the first subscriber or the plurality of first subscribers using a subscriber address of the first subscriber or the plurality, of first subscribers, 
thereby effecting, in combination with the second secure switch, a point-to-point (Referring to FIG. 3A, the IP gateway 325 becomes a 
relatively fixed address for the visiting mobile subscriber.Therefore, only the inter-segment gateway router 302 internal to the PAMLAN 
have to be informed about path changes due to movement of the mobile subscriber from one local access point to another local access 
point. Even this requirement reduced by use of MPLS. Thus, a mobile appliance obtains an IP address dynamically when it enters a 
PAMLAN according to the present invention. The mobile appliance can then freely roam across the geographical LAN segments (i.e., LAN 
segment 1 and LAN segment 2) within the PAMLAN without requiring a new IP address assignment as the geographical LAN segments are 
traversed see [0059]). 

Thus in combining the disclosure of chen (primary reference) with the teaching of Weinstein et al regarding channel converter will clarify the 
prior art combination. 

On claim 15 Applicants requested examiner to address the requirement calling for a secure port and a plurality of non secure ports,. Please 
see aultman et al teaching (Each connection to the pairs of port switches 86A, B comprises a secure connection to a first port switch 86A 
and a non-secure connection to a second port switch 86B , for example. The pairs of port switches 86A, B are utilized on a floor quadrant 
in the Data Center-1 . Security is provided via physical separation at the point of connection and by VLAN software running inside the 
switch 80. Both connections terminate/originate with the EBR backup master server 36, which is security hardened see ([0072] that clarify 
the calling for secure port and plurality non secure ports and FIG. 8) also see (The LAN 32 also comprises Gigabit fiber uplink 
connections 84 from the routing switch 80 to a plurality of pairs of port switches 86A, B.[0072] lines 11-13). 

Also applicants assert that Aultman does not consistently provide the switch of claim13 , applicant's argument is not persuasive please 
see [0072] and [0073] wherein Aultman teaches the switch includes a secure and plurality of non- secure ports . 
Also in claim15 Applicatn's requested the examiner to expressly explain how he intends to read the claimed subject matter on the 
references to demonstrate obviousness. Aultman teach aplurality of non- secure ports and a switch matrix with the secure channel 
converter positioned between the secure ports and switch matrix and with the switch matrix positioned between the secure channel 
converter and non secure ports. (The network interface Gigabit card 88 is connected to the routing switch 80 (e.g., the Nortel 8600) in 
order to provide a network migration path. This network migration path provides connectivity, but not additional throughput. The network 
migration path allows for minimum changes to the applications while providing access to REEL-Backup Servers for recovery processes 
using existing backups while new backups can be obtained via the EBR backup master server 36. CAM/MMA servers can transition to 
other backup and recovery infrastructures by moving existing TCP/IP connections from the MMA/BOSIP user network 72 to a secure 
backup and recovery network port switch 86A or a non-secure backup and recovery network port switch 86B (e.g., the Nortel 450) ports see 
[0073] lines 5-1 8 and fig. 8) thus combining these futures taught by Aultman compensates for deficiencies in the Chen (primary reference) 
and Weinstein et al (secondary reference). 
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